Static task
static1
Behavioral task
behavioral1
Sample
e4279cd964ac692189b38d59b4bec5c200dd39748e6da84e1dc09a0a94037e3f.exe
Resource
win7-20231129-en
General
-
Target
0e276bc8ae71f91aba5d0e89d02c93ce847082c366d967288eb896007164fc39
-
Size
526KB
-
MD5
15ee73eae73c8cf88c1e85a5d804a94a
-
SHA1
74e975651ad35803ee0ad254b66ad7e23190fe6c
-
SHA256
0e276bc8ae71f91aba5d0e89d02c93ce847082c366d967288eb896007164fc39
-
SHA512
804e1c600b265923705f8ca0f1d5ce1638bc61e893ddd0c40504e7e8060c009ab17940ac1924df3e2cd59984a4db319ef28aa42a9167006c822e07a12488ad7b
-
SSDEEP
12288:Ouc6K8DEFK9+UJv8Aoj9yfWO/M+wguJGLHwp2jBKgJvGKa7IEal:OuZKuEF++UJUAoxjO/xXsiH1Igc/7xal
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/e4279cd964ac692189b38d59b4bec5c200dd39748e6da84e1dc09a0a94037e3f.exe
Files
-
0e276bc8ae71f91aba5d0e89d02c93ce847082c366d967288eb896007164fc39.zip
Password: infected
-
e4279cd964ac692189b38d59b4bec5c200dd39748e6da84e1dc09a0a94037e3f.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 534KB - Virtual size: 534KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ